Sandboxie: "Locking Down" USB Ports & DVD/CD-RW/ROM's

Discussion in 'sandboxing & virtualization' started by TheKid7, Sep 11, 2012.

Thread Status:
Not open for further replies.
  1. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Sandboxie: "Locking Down" USB Ports & DVD/CD-RW/ROM's

    I have not yet tried using Sandboxie to "lock down" the DVD/-RW's Drives and USB Ports of my Home PC's. However, someone has asked me if Sandboxie can be used effectively to stop Malware from infecting Servers when USB Flash Drives/USB hard drives/DVD-RW's are used. Is it possible to set-up Sandboxie to perform this Task effectively? If yes, how would you go about configuring Sandboxie for this Task?

    Please give other suggestions for using Sandboxie in a Server Environment. These Servers do not have Internet Access.

    Operating Systems: Windows XP Pro (32 bit) & Windows 2003 Server (32 bit)
    Antivirus Software: McAfee VirusScan Enterprise 8.7i

    Thanks in Advance.
     
    Last edited: Sep 11, 2012
  2. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    I am not to sure what locking down means but if you mean how to use SBIE to keep anything from running when a USB, CD or DVD is inserted in your computer, then you can do it by adding "nosbiectrl" in Start/Run restrictions of the forced folder sandbox that you are using for those drives.

    If you do that, nothing is gonna run but SBIE will issue Msg 1308. If what you want is keep others from using those drives, make sure you disable Msg 1308. The person trying to use the drive wont have a clue about whats going on unless is someone that knows how to use SBIE.

    Bo
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Is it possible to auto-sandbox CD drives, USB sticks etc?
     
  4. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Last night I experimented with using "Forced Folders" in Sandboxie. I added explorer.exe to the Start/Run Access, used "Drop Rights" and added H:\ to the "Forced Folders". I attached a USB Flash Drive containing some exe's. I tried to run a couple of different exe's and Sandboxie blocked their execution.
     
  5. majoMo

    majoMo Registered Member

    Joined:
    Aug 31, 2007
    Posts:
    938
    It is what I do.

    I set USB pendrive to 'Forced Folders' to avoid usb based malware from running unsandboxed. It protect very well these kind of malware.

    I have some folders in my pendrive that I want allow to change, create or delete files that are inside it; for that I set 'OpenFilePath' to that folders.
     
  6. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Yes, add the letter of the drive that you want to open sandboxed automatically using the Forced folder feature. I use separate sandboxes, one for USB drives and another one for CD/DVD drives. Works great.

    Bo
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    thanks
     
Loading...
Thread Status:
Not open for further replies.